src/content/docs/cloudflare-one/identity/idp-integration/gsuite.mdx
Lines changed: 12 additions & 8 deletions
@@ -16,6 +16,8 @@ You do not need to be a Google Cloud Platform user to integrate Google Workspace
16
16
17
17
## Set up Google Workspace as an identity provider
18
18
19
+
### 1. Configure Google Workspace
20
+
19
21
1. Log in to the Google Cloud Platform [console](https://console.cloud.google.com/). This is separate from your Google Workspace console.
20
22
21
23
2. A Google Cloud project is required to enable Google Workspace APIs. If you do not already have a Google Cloud project, go to **IAM & Admin** > **Create Project**. Name the project and select **Create**.
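Review bot: The new heading `### 1. Configure Google Workspace` does not match the steps directly under it. Step 1 sends the reader to the Google Cloud Platform console and states that it "is separate from your Google Workspace console", and step 2 is about creating a Google Cloud project. Consider a heading that names both consoles, for example "Configure Google Cloud and Google Workspace", so a reader scanning the headings does not open the wrong console.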
@@ -66,21 +68,23 @@ You do not need to be a Google Cloud Platform user to integrate Google Workspace
66
68
67
69
15. Enable the **Trust internal, domain-owned apps** option. This setting is disabled by default and must be enabled for Cloudflare Access to work correctly.
68
70
69
-
16. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
71
+
### 2. Add Google Workspace to Zero Trust
72
+
73
+
1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**.
70
74
71
-
17. Under **Login methods**, select **Add new** and choose **Google Workspace**.
75
+
2. Under **Login methods**, select **Add new** and choose **Google Workspace**.
72
76
73
-
18. Input the Client ID and Client Secret fields generated previously. Additionally, input the domain of your Google Workspace account.
77
+
3. Input the Client ID and Client Secret fields generated previously. Additionally, input the domain of your Google Workspace account.
74
78
75
-
19. (Optional) Enable [Proof of Key Exchange (PKCE)](https://www.oauth.com/oauth2-servers/pkce/). PKCE will be performed on all login attempts.
79
+
4. (Optional) Enable [Proof of Key Exchange (PKCE)](https://www.oauth.com/oauth2-servers/pkce/). PKCE will be performed on all login attempts.
76
80
77
-
20. (Optional) Under **Optional configurations**, enter [custom OIDC claims](/cloudflare-one/identity/idp-integration/generic-oidc/#oidc-claims) that you wish to add to your Access [application token](/cloudflare-one/identity/authorization-cookie/application-token/).
81
+
5. (Optional) To enable SCIM, refer to the [OIDC connector documentation](/cloudflare-one/identity/idp-integration/generic-oidc/#synchronize-users-and-groups).
78
82
79
-
21. Select **Save**. To complete setup, you must visit the generated link. If you are not the Google Workspace administrator, share the link with the administrator.
83
+
6. (Optional) Under **Optional configurations**, enter [custom OIDC claims](/cloudflare-one/identity/idp-integration/generic-oidc/#oidc-claims) that you wish to add to your Access [application token](/cloudflare-one/identity/authorization-cookie/application-token/).
80
84
81
-
22. The generated link will prompt you to log in to your Google admin account and to authorize Cloudflare Access to view group information. After allowing permissions, you will see a success page from Cloudflare Access.
85
+
7. Select **Save**. To complete setup, you must visit the generated link. If you are not the Google Workspace administrator, share the link with the administrator.
82
86
83
-
## Test your connection
87
+
8. The generated link will prompt you to log in to your Google admin account and to authorize Cloudflare Access to view group information. After allowing permissions, you will see a success page from Cloudflare Access.
84
88
85
89
To test that your connection is working, go to **Authentication** > **Login methods** and select **Test** next to Google Workspace. Your user identity and group membership should return.
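Review bot: The `## Test your connection` heading is deleted at old line 83 and nothing replaces it, so the "To test that your connection is working" paragraph now trails step 8 inside `### 2. Add Google Workspace to Zero Trust` and any link to that heading's anchor stops resolving. If the removal is not intentional, restore it after the new step 8, possibly as `### 3. Test your connection` to match the two new numbered subsections. Two smaller points on the renumbered steps: the PKCE link text in step 4 reads "Proof of Key Exchange", while the term defined in RFC 7636 is "Proof Key for Code Exchange", and since this line is being touched anyway it is a good time to correct it. The new step 5 on SCIM is a content addition inside a change that otherwise only renumbers, so it should be called out in the commit message.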